// 引入必要的控制器和中间件
const express = require('express');
const router = express.Router();
const userController = require('../controllers/userController');
const { authenticate, authMiddleware } = require('../middleware/auth');
const { hasPermission } = require('../middleware/permissionMiddleware');

// 添加认证中间件
router.use(authMiddleware);

// 获取所有用户
router.get('/', hasPermission('user:list'), userController.getAllUsers);

// 获取当前登录用户信息
router.get('/me', userController.getCurrentUser);

// 获取单个用户
router.get('/:id', hasPermission('user:list'), userController.getUserById);

// 创建用户
router.post('/', hasPermission('user:create'), userController.createUser);

// 更新用户
router.put('/:id', hasPermission('user:update'), userController.updateUser);

// 删除用户
router.delete('/:id', hasPermission('user:delete'), userController.deleteUser);

// 解除用户与角色的关联
router.delete('/:userId/roles/:roleId', hasPermission('user:update'), userController.removeRoleFromUser);

module.exports = router; 